Comments on: The Definitive Handbook of Business Continuity Management

By: Clive Henderson

Clive Henderson — Tue, 09 Mar 2010 17:11:15 +0000

This is a thoroughly welcome addition to the business continuity books on the market. It brings a clear, rational approach to a very complicated topic. Unsurprisingly, the book adheres to the ten stage process as defined by the Business Continuity Institute and the Disaster Recovery Institute and is written in a style that is easy to read and with very little jargon. (It even gives guidelines on how to read the book.)

The book outlines some important lessons:

– The Importance of business continuity management

- Business continuity plans should be based on outcome scenarios and not causes

- The need for an organized development/implementation

- BCM is never complete – amendments and testing will always be required

There are a couple of points to note though:

- It fails to deliver the message clearly that Business Continuity Management is an umbrella for business impact analysis, risk management and business continuity planning. Too many people just concentrate on the latter.

- My experience shows that many advantages are gained through the development of the plan when the business continuity is firmly in the minds of those involved and the management sponsors (who have allocated resources and funds). This is as important as the plan itself.

- Unlike chapter 15 (Developing the written plan), Chapter 18 (Selecting tools to support the process) is an example of where the book sits on a fence. It describes the types of tools required but gives no clear examples of data used. There are numerous examples that could have been used to illustrate this; perhaps this leaves the door open for consultancy opportunities!

- Another downside to the book occurs as early as section one, which is described as an executive overview and is 75 pages long!

Notwithstanding these minor grumbles, I would wholeheartedly recommend this book to anyone involved in BCM or anyone thinking about creating a more secure business.
Rating: 4 / 5

By: bernardsia

bernardsia — Tue, 09 Mar 2010 14:42:50 +0000

Reading the material presented is a breeze. Unfortunately, it is unfair for me to pass judgement on the subject matter, as I am still a novice. Common concepts and definitions are presented on Section 1 while Section 2 expounds on the implementation aspects. Being a newbie I was somewhat impressed that the tasks involved even include mitigating human factors such as psychological effects, as well as a taskforce to handle the media with its coverage of any disaster that might be detrimental to the image of the company. An interesting concept presented was “Multilateral Business Continuity”, as it raised questions on whether your business partner’s (major customer, supplier, logistics) failure could even spell doom for your business.

BCM is presented as an all-encompassing “way of life”, ensuring that a business can survive a disaster and bounce back to its pre-disaster profit level, and the tasks and information that is required to ensure proper diagnosis, prescription and maintenance of a business. As one of the authors put it – “Do we gamble with failure or hedge against it”.

Although presented as a collection of 20 articles it is seamlessly organized that the information did not appear redundant. After which Case studies are presented on major disasters that happened to corporations in America, most notably 9/11. Considering the scope of BCP/BCM (Business Continuity Planning) endeavour, the market for its implementation within Malaysia is limited to listed companies that can afford the methodology preached. Plus, Asian cultures abhor having outsiders prodding through every nook and cranny of their business process and resource points, isolating weaknesses and identifying exposure and making sure that the business is resilient enough to withstand a collapse of its major infrastructure. Not only that, to ensure success, key personnel from all sectors have to be identified and interactions and accountability documented with redundancies and multiple information and escalation routes introduced to ensure resiliency. At the end of the day, one would envy the consulting firm that manages such a wealth of information from any such companies, which one would assume will be sizeable enough to want BCP/BCM. What a treat indeed!

On the downside, as expected with books that compiles articles, the depth of the information presented is quite shallow, but fortunately for a person like myself that are new to the subject, it’s quite a readable experience as that is exactly what I am looking for. It provides enough pieces to the puzzle for me to proceed with my r&d activities.
Rating: 4 / 5

By: Jan Husdal

Jan Husdal — Tue, 09 Mar 2010 14:02:02 +0000

I am a researcher within Supply Chain Risk Management (SCRM), which has many similarities with Business Continuity Management (BCM). That is why SCRM can and should draw upon BCM for advice. One of many good references for further reading on this subject is the The Definitive Handbook of Business Continuity Management. I haven't read enough books on BCM to say that this is "the definitive" handbook; it certainly is "a comprehensive" handbook. This 600-something pages heavy brick of a book is probably not something you read from cover to cover. I did. Well, most of it, that's how my weekend went by in a fly...

The book has 25 chapters, each written by different contributors and basically self-contained, which means that even if you read only one chapter, you will still have gained valuable insight into what BCM entails. Inevitably there is some replication from author to author; that is because they are discussing the same concept, but from their own experience and their own perspective. This makes up the first 400 pages of the book. Not all contributions are really good, but some are outstanding and clearly coney the message of BCM. The next 100 or so pages contain 26 case studies, with lessons learned and not learned, what to and what not to do, pitfalls, challenges and sucesses. The book also has space for pages on current US/UK/AU/NZ legislation, in particular the UK Civil Contingencies Act and its implication for businesses. Add to that a section on business continuity planning in Asia, indeed necessary in this age of globalization and outsorcing, and a glossary of the most used terms in BCM. What impresses me too is the 42-page keyword index, leaving practically nothing uncovered.

In conclusion: a very comprehensive, but maybe not definitive handbook.

Rating: 5 / 5

By: NewYorker

NewYorker — Tue, 09 Mar 2010 11:48:47 +0000

This is a solid book that covers some of the topics quite well. I would give it a higher mark had I not being reading, at the same time, another book on the topic, Prepare for the Worst, Plan for the Best: Disaster Preparedness and Recovery for Small Businesses, by D. Childs.
Rating: 3 / 5